laffer1 / justjournal

JustJournal.com's Source
http://www.justjournal.com/
Other
2 stars 2 forks source link

[Snyk] Upgrade com.google.guava:guava from 33.1.0-jre to 33.2.0-jre #268

Closed laffer1 closed 6 months ago

laffer1 commented 6 months ago

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade com.google.guava:guava from 33.1.0-jre to 33.2.0-jre.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **2 versions** ahead of your current version. - The recommended version was released on **23 days ago**. #### Issues fixed by the recommended upgrade: | | Issue | Score | Exploit Maturity | :-------------------------:|:-------------------------|:-------------------------|:------------------------- ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Observable Timing Discrepancy
[SNYK-JAVA-ORGBOUNCYCASTLE-6277380](https://snyk.io/vuln/SNYK-JAVA-ORGBOUNCYCASTLE-6277380) | **509** | No Known Exploit --- > [!IMPORTANT] > > - Check the changes in this PR to ensure they won't cause issues with your project. > - This PR was automatically created by Snyk using the credentials of a real user. > - Max score is 1000. Note that the real score may have changed since the PR was raised. --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs._ **For more information:** > - 🧐 [View latest project report](https://app.snyk.io/org/laffer1/project/92d1562f-6614-4887-91ed-664c62e4bf84?utm_source=github&utm_medium=referral&page=upgrade-pr) > - 📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates) > - 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/laffer1/project/92d1562f-6614-4887-91ed-664c62e4bf84/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) > - 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/laffer1/project/92d1562f-6614-4887-91ed-664c62e4bf84/settings/integration?pkg=com.google.guava:guava&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
sonarcloud[bot] commented 6 months ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud